Account security & who can see what

Your Xerish account touches money, so it's worth a few minutes to lock it down and to understand exactly what each teammate can access.

What it's for

To keep your account, your gifts, and your givers' trust safe — and to make sure the right people on your team have the right access, no more and no less.

How it works

• Owner vs team. Every organization has one owner with full control, including the Financial Center (the money screen) and Stripe connection. Additional team members are granted access to specific areas only.
• Area permissions. Roles are scoped by area — content, prayer, partnerships, and so on. A teammate added to manage posts does not automatically see financial data. Grant the narrowest access that lets each person do their job.
• Financial data is owner-gated. The Storehouse wallet breakdown and grant history load only for the owner; they are not visible to general team members or to the public.
• Sign-in hygiene. Use a strong, unique password and keep your recovery email current. Treat your login like access to your bank, because it partly is.

Governing limitations

• One owner controls money and Stripe. Transferring ownership or connecting a different bank is an owner-only action.
• Permissions are additive and explicit. A team member sees only the areas they've been granted — nothing is shared by default.
• Removing access is immediate. When someone leaves, remove them from your team so their access ends at once.

Good to know

• Review your team list periodically and prune anyone who no longer needs access.
• If you suspect your account is compromised, change your password immediately and contact support.
• For the full breakdown of each role and area, see "Team members, roles & area permissions."